Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Git Commit Signing: Code we can trust?

Matthew Rudy Jacobs
February 12, 2018
Technology
0
150

Git Commit Signing: Code we can trust?

When we install software on our computers we have to trust the package maintainers that it's secure.

If someone slips a hack into homebrew all of our machines could become vulnerable.

But what about our own code? * When we deploy to production, how do we know we can trust it? * What if someone pushes a hack to our github? * Will CI still push it to production?

It turns out Git has a cool feature that can help us trust the code we deploy. We'll discuss Git Commit Signing, how it can help us, and what downsides it may have.

Talk given at the London Ruby User Group (LRUG) at Skillmatter in London on Monday 12th February 2018

Matthew Rudy Jacobs

February 12, 2018
Tweet

More Decks by Matthew Rudy Jacobs

See All by Matthew Rudy Jacobs
From Developer to Architect (and back again)
matthewrudy
3
210
Humans are Hard
matthewrudy
0
110
[Alpha] Humans Are Hard
matthewrudy
0
84
From Developer To Architect
matthewrudy
0
63
We Need To Talk About Postgres
matthewrudy
0
72
Coding as a Team At GoGoVan
matthewrudy
3
400
10 Years of Code
matthewrudy
0
95
Elixir - Part 1
matthewrudy
1
160
Deploying Microservices with Kubernetes
matthewrudy
0
54

Other Decks in Technology

See All in Technology
Hands-on Gemini, the Google DeepMind LLM
meteatamel
1
110
コードを書く隙間を見つけて生きていく技術/Findy 思考の現在地
fujiwara3
27
5.8k
web-application-security
matsuihidetoshi
0
130
長期運用プロジェクトでのMySQLからTiDB移行の検証
colopl
2
820
コンパウンドスタートアップのためのスケーラブルでセキュアなInfrastructure as Codeパイプラインを考える / Scalable and Secure Infrastructure as Code Pipeline for a Compound Startup
yuyatakeyama
4
4.6k
反実仮想機械学習とは何か
usaito
PRO
8
3k
NgRx Signal Store
rainerhahnekamp
0
140
Oracle Cloud Infrastructure:2024年4月度サービス・アップデート
oracle4engineer
PRO
1
180
KubeCon EU 2024 Recap “Kubernetes Policy Time Machine: Where to Next?”
ryysud
0
200
最近たまに見かけるTiDBってなんだ? - Findy
pingcap0315
2
760
私が trocco を推す理由
__allllllllez__
1
200
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
120

Featured

See All Featured
It's Worth the Effort
3n
180
27k
The Invisible Side of Design
smashingmag
294
49k
Docker and Python
trallard
34
2.7k
The Brand Is Dead. Long Live the Brand.
mthomps
49
28k
Automating Front-end Workflow
addyosmani
1356
200k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
30
6k
Designing on Purpose - Digital PM Summit 2013
jponch
110
6.5k
Imperfection Machines: The Place of Print at Facebook
scottboms
260
12k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.9k
Learning to Love Humans: Emotional Interface Design
aarron
267
39k
Fontdeck: Realign not Redesign
paulrobertlloyd
76
4.9k
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k

Transcript

  1. git commit signing code you can trust? Matthew Rudy Jacobs

    @ LRUG Monday 12th February 2018

  2. @MATTHEWRUDY

  3. SOURCES

  4. SECURING DEVOPS

  5. HTTPS://MIKEGERWITZ.COM/PAPERS/GIT-HORROR-STORY

  6. WHAT'S THE PROBLEM?

  7. WHO WROTE THIS?

  8. MORE DANGEROUSLY

  9. SOMEWHERE IN THE MIDDLE!

  10. THIS WAS REAL

  11. WOULDN'T THIS BE BETTER? UNVERIFIED

  12. GIT COMMIT SIGNING

  13. WHAT IS IT?

  14. GIT 1.7.9 (JANUARY 2012)

  15. You've probably seen it

  16. You've probably seen it

  17. IT'S JUST PGP

  18. AND IT COMES BUILT INTO GIT

  19. YOU CAN SIGN COMMITS

  20. YOU CAN SIGN TAGS

  21. IT MOSTLY JUST WORKS

  22. HOW TO INSTALL

  23. • brew install gpg • gpg --full-generate-key • git config

    --global user.signingKey MYKEYID • git config --global commit.gpgsign true

  24. HTTPS://HELP.GITHUB.COM/ARTICLES/ SIGNING-COMMITS-WITH-GPG/

  25. HTTPS://KEYBASE.IO/MATTHEWRUDY

  26. VERIFY YOUR CODE

  27. VIEW THE SIGNATURES

  28. GIT VERIFY-COMMIT Unsigned Unverified Verified

  29. STICK IT ON YOUR CI

  30. EXAMPLE FAILURE

  31. CAVEATS

  32. THERE ARE BUGS

  33. TOOLING COULD BE BETTER

  34. INTEGRATION COULD BE BETTER UNVERIFIED UNSIGNED

  35. SECURITY IS HARD!!!

  36. SECURITY IS HARD!!! What if someone breaks into your laptop?

    What if you don't notice a malicious change? What if someone hacks github? How do you expire an old key? What if a trusted employee goes rogue? What if someone compromises your CI? What if someone has a quantum computer?

  37. TRUSTING THE COMMITTER == TRUSTING THE CODE?

  38. CONCLUSIONS

  39. ADOPTION IS PRETTY LOW

  40. BUT ITS QUITE EASY

  41. ITS VALUE DEPENDS ON YOUR BUSINESS

  42. WHY NOT TRY?

  43. THANKS